package cn.cvs.controller;

import cn.cvs.pojo.SysRight;
import cn.cvs.pojo.SysRole;
import cn.cvs.pojo.SysUser;
import cn.cvs.service.RoleShiroService;
import cn.cvs.service.SysRightService;
import cn.cvs.service.UserService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import java.util.List;

@Controller
public class LoginController_shiro {

    @Resource
    UserService userService;

    @Resource
    RoleShiroService roleShiroService;

    @Resource
    SysRightService rightService;

    @RequestMapping("sindex")
    public String login_shiro(){
        return "shiro_login";
    }


    @RequestMapping("smain")
    public String main(){
        return "rolelist";
    }

    @RequestMapping("403")
    public String unAuthorized(){
        return "403";
    }

    @RequestMapping("slogin")
    public String slogin(@RequestParam("username") String username
                        , @RequestParam("password") String password
                        , HttpServletRequest request
                        , Model model
    ){
       /*未使用Shiro的登录逻辑
       SysUser loginUser = userService.doLogin(username, password);
        if (null != loginUser){
            request.getSession().setAttribute("currUser",loginUser);
            return "index";
        }else{
            return "login";
        }*/

        //使用shiro
        try {
            UsernamePasswordToken token=new UsernamePasswordToken(username,password);
            Subject subject = SecurityUtils.getSubject();
            subject.login(token); //带着令牌认证登录
            SysUser user = (SysUser) subject.getPrincipal();

            //查询该用户拥有 的权限
            SysRole role = user.getRole();
            List<SysRight> rights = rightService.getSysRightByUserRoleId(role.getRoleId());
            role.getRights().addAll(rights);//权限存入role ,user

            request.getSession().setAttribute("currUser",user);

            return "redirect:smain";
        }catch (UnknownAccountException | IncorrectCredentialsException e) {
            model.addAttribute("msg","用户名或者密码错误,登录失败!");
            System.out.println("err1");
            return "shiro_login";
        } catch (LockedAccountException e) {
            System.out.println("err2");
            model.addAttribute("msg","用户被禁用,登录失败!");
            return "shiro_login";
        }
        catch (AuthenticationException e) {
            System.out.println("err3");
            model.addAttribute("msg","认证异常,登录失败!");
            return "shiro_login";
        }
    }

    @RequestMapping("slogout")
    public String logout(HttpSession session){
        session.removeAttribute("currUser");
        SecurityUtils.getSubject().logout();
        return "redirect:smain";//重定向,删除cookie
    }

}
